Details
Bug
Description
Zend_Acl_Assert_Interface::assert() gets nulls for $role, $resource and $privilege if those parameters are omitted in the allow() call. According to the manual, this is not the expected behaviour (as far as I can tell):
"The assert() method of an assertion object is passed the ACL, Role, Resource, and privilege to which the authorization query (i.e., isAllowed()) applies, in order to provide a context for the assertion class to determine its conditions where needed."
Example case:
$siteAcl = new Zend_Acl();
$siteAcl->add(new Zend_Acl_Resource('myres'));
$siteAcl->addRole(new Zend_Acl_Role('myrole'));
class MyAssert implements Zend_Acl_Assert_Interface
{
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
}
$siteAcl->allow(null, null, null, new MyAssert());
//$siteAcl->allow('myrole', 'myres', 'somepriv', new MyAssert()); // << using this line instead, assert() gets the parameters
$siteAcl->isAllowed('myrole', 'myres', 'somepriv');
Issue Links
| This issue duplicates: | ||||
| ZF-1722 | Zend_Acl assertions broken when inheritance is required (ie DepthFirstSearch) |
|
|
|
Assigned to Darby